package cn.yunhe.interceptor;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;

import java.util.Map;

public class PermitInterceptor extends MethodFilterInterceptor {
    @Override
    protected String doIntercept(ActionInvocation invocation) throws Exception {
        ActionContext cxt=invocation.getInvocationContext();
        String username= (String) cxt.getSession().get("username");
        Map request= (Map) cxt.get("request");
        if (username==null){
            request.put("msg","未登录,请先<a href='login.jsp'>登陆</a>");
            return "error";
        }else{
            String method=invocation.getProxy().getMethod().toLowerCase();
            if (!"admin".equals(username)&&(method.startsWith("add")||method.startsWith("del")||method.startsWith("up"))){
                request.put("msg","无此权限,请<a href='javascript:history.go(-1)'>返回</a>");
                return "error";
            }
            return invocation.invoke();
        }
    }
}
